The 3rd Annual Baltimore Official Cybersecurity Summit is the must-attend event for CISOs and senior leaders looking to strengthen resilience, reduce risk, and align security with business goals. Join top executives, innovators, and experts for a full day of actionable insights, cutting-edge solutions, and high-impact networking. Experience interactive panels, exclusive solution showcases, and strategic discussions that go beyond theory to deliver real-world results, all complemented by a catered breakfast, networking lunch, and closing cocktail reception.

Gregory S. Smith
Gregory S. Smith
CISO
Frederick County, MD Government
Dr. Rhonda Farrell
Dr. Rhonda Farrell
Founder
Cyber & STEAM Global Innovation Alliance

Key Issues Covered at The Official Cybersecurity Summit

AI, Automation, and Emerging-Tech Risk (and Opportunity)

As artificial intelligence, automation, and new digital technologies accelerate across every industry, cybersecurity leaders face both unprecedented risk and powerful opportunity. The summit will explore how Cybersecurity leaders and their teams can harness emerging technologies to strengthen resilience, streamline operations, and stay ahead of adversaries who are equally quick to innovate. Attendees will gain insight into real-world applications of AI for threat detection, incident response, and decision intelligence, while learning how to identify and mitigate the new classes of vulnerabilities these tools introduce.

From generative AI and large language models to autonomous security systems and deepfake detection, these discussions will separate hype from reality. Experts will share practical frameworks for governing AI responsibly, managing data integrity, and aligning innovation with enterprise risk management. The conversations will help cybersecurity executives navigate the complex balance between embracing emerging technology for competitive advantage and ensuring it doesn’t become their next threat vector.

Key Takeaways:
• Learn how AI and automation are transforming threat detection, incident response, and security operations in measurable ways.
• Practical strategies for managing and mitigating new risks created by emerging technologies like generative AI and autonomous systems.
• Frameworks for responsible AI governance, including data integrity, transparency, and regulatory alignment.
• Real-world examples of organizations balancing innovation with security and risk management priorities.
• Actionable insights cybersecurity leaders can take back to their teams to prepare for the next wave of AI-driven threats and opportunities.

Supply Chain, Third-Party Ecosystem, and Identity Attack Surface

As organizations expand their digital ecosystems, the lines between internal and external risk are rapidly disappearing. Today’s threat actors know that the fastest way into a network isn’t always through the front door. From compromised vendors and cloud integrations to weak identity controls, attackers are exploiting every link in the chain. The summit brings cybersecurity leaders together to unpack how supply chain vulnerabilities, third-party dependencies, and identity-based risks are converging to create a complex and often underestimated attack surface.

Cybersecurity executives will explore real-world examples of cascading breaches, lessons learned from managing large vendor ecosystems, and emerging frameworks for continuous third-party risk monitoring. The discussions highlight strategies for mapping hidden connections, enforcing stronger identity governance, and building resilience through transparency and collaboration. Attendees will walk away with practical insights for reducing exposure and strengthening trust across every part of their digital supply chain.

Key Takeaways:
• Understand how interconnected supply chains and third-party vendors expand your organization’s attack surface.
• Learn proven methods to assess, monitor, and mitigate risks across your extended digital ecosystem.
• Explore best practices for managing identity as the new security perimeter, including zero trust and access governance strategies.
• Gain insights from real-world breach scenarios that reveal common breakdowns in vendor and identity controls.
• Leave with an actionable framework to improve third-party risk visibility, strengthen resilience, and build more secure partnerships.

Resilience, Risk, and Results: Aligning Security with Business Outcomes

In today’s threat landscape, resilience is more than just recovery - it’s readiness, adaptability, and alignment with the business mission. The summit explores how forward-thinking cybersecurity executives are quantifying cyber risk to drive smarter investments and communicate value in business terms. By translating technical controls into measurable business impact, cybersecurity leaders are helping their organizations make data-driven decisions that balance protection with performance.

Join top executives and thought leaders for in-depth discussions on the frameworks, metrics, and real-world practices shaping the next generation of cyber resilience. From risk quantification models to boardroom-ready reporting, this conversation will reveal how leading security teams are reframing cybersecurity as a strategic business enabler - bridging the gap between risk reduction and results.

Key Takeaways:
• Learn how to translate cybersecurity metrics into meaningful business outcomes that resonate with executive leadership and the board.
• Explore practical approaches to cyber risk quantification that help prioritize investments and justify budget decisions.
• Understand how resilience strategies can align with overall business continuity and growth objectives.
• Gain insights from leading CISOs on how they communicate security value across the organization to drive engagement and accountability.
• Discover frameworks and tools that connect operational security performance with measurable business impact.

Top 6 Reasons to Attend the Cybersecurity Summit

1
Learn

Learn from renowned experts from around the globe on how to protect & defend your business from cyber attacks during interactive panels & fast track discussions.

2
Evaluate Demonstrations

Evaluate and see demonstrations from dozens of cutting-edge cybersecurity solution providers that can best protect your enterprise from the latest threats.

3
Time, Travel & Money

Our mission is to bring the cyber summit to the decisionmakers in the nation’s top cities. Our events are limited to one day only and are produced within first-class hotels, not convention centers.

4
Engage, Network, Socialize & Share

Engage, network, socialize and share with hundreds of fellow business leaders, cybersecurity experts, C-Suite executives, and entrepreneurs. All attendees are pre-screened and approved in advance. On-site attendance is limited in order to maintain an intimate environment conducive to peer-to-peer interaction and learning.

5
CEUs / CPE Credits

By attending a full day at the Cybersecurity Summit, you will receive a certificate granting you Continuing Education Units (CEU) or Continuing Professional Education (CPE) credits. To earn these credits you must participate for the entire summit and confirm your attendance at the end of the day.

6
A Worthwhile Investment

By investing one day at the summit you may save your company millions of dollars, avoid stock devaluation, and potential litigation.

Questions

For any questions, please contact our
Registration Team.

Sponsor

To sponsor at an upcoming summit, please fill out the
Sponsor Form.

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.
 
Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.
 
Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.
 
Please note these qualifications pertain to all attendees, including members of our partner organizations.

Agenda

The Official Cybersecurity Summit delivers high-impact sessions designed to help leaders strengthen resilience, protect critical infrastructure, and align security with business goals.

Attendees will gain actionable insights from expert panels, explore cutting-edge solutions, and connect directly with top industry innovators - making this a can’t-miss agenda for CISOs and security executives.

8:00-9:00
Networking Breakfast
9:00-9:05
Welcome
9:05-9:10
Welcoming Remarks
9:10-9:40
Opening Keynote with Rick Howard , CEO and Co-founder, The Cybercanon Project: Read More, Think Better: The Cybersecurity Books You Should Start With

The cybersecurity industry produces an overwhelming amount of content every day: blogs, threat reports, podcasts, white papers, and social media analysis. The problem isn’t access to information. The problem is knowing what is actually worth your time.

In this session, Rick Howard, CEO of the Cybersecurity Canon Project and author of Cybersecurity First Principles, argues that the fastest way to deepen professional expertise is counterintuitive: stop skimming everything and start reading a few things deeply.

Drawing on lessons from the Cybersecurity Canon Hall of Fame, a curated collection of the most influential books ever written about cybersecurity, Howard will walk through several key works that have shaped the industry.

Attendees will learn:

● Why the cybersecurity profession suffers from a signal-to-noise problem in knowledge consumption

● Why books remain the most powerful knowledge-transfer mechanism in technical fields

● How a handful of seminal works shaped modern cybersecurity thinking

● A practical approach to building your own deep-reading roadmap

If you want to sharpen your thinking, accelerate your professional growth, and focus your learning on the ideas that actually matter, this session will give you the starting point.

Rick Howard
Rick Howard
CEO and Cofounder
The Cybercanon Project
10:10-10:20
Innovation Spotlight - Huntress Labs: Defending the Rest of Us Resilience for Organizations of All Sizes

News headlines show you the breaches at massive corporations, but it’s everyday organizations that face the most threats. Adversaries prey on the human psyche and use AI to advance their tactics and target the companies that keep our communities running.  For these companies, a ransomware or BEC attack isn’t just a stressful event—it’s the reason they can’t make payroll. This session explores how hackers plan to win, and why you don’t need a massive budget to fight back.  We’ll get into how Huntress brings cyber resilience through a powerful combo of purpose-built technology and human SOC expertise to stop threats before they cause damage—because organizations of ALL sizes deserve a fighting chance against attackers.

Greyson Shambaugh
Greyson Shambaugh
Competitive Intelligence Representative
Huntress
10:20-10:40
Rubrik Presentation: When Prevention Fails: Orchestrating Identity Recovery and Cloud Resilience

Identity-based attacks are a CISO's nightmare, with 90% of cyber intrusions leveraging phished or leaked credentials and privilege escalation. Once compromised, attackers can move anywhere across the data estate and are frequently infiltrating your cloud environments. In this session, we'll dive into the unified approach of Rubrik Identity and Cloud Resilience, demonstrating how it goes beyond traditional data protection to secure your entire hybrid identity, including Active Directory and Entra ID, as well as safeguarding your ability to recover data after an incident. We'll explore how to proactively manage identity and data risk, continuously monitor for changes, and—when prevention fails—orchestrate a fast, clean recovery of all of your data across your identity and cloud platforms. You will learn how your organization can maintain business continuity, even in the face of a catastrophic event.

Matt Castriotta
Matt Castriotta
Field CTO, Cloud
Rubrik
10:40-11:00
Darktrace Presentation
11:00-11:30
Networking Break
11:30-12:00
Panel 1: AI and Emerging Tech at the 2026 Security Frontline

Abstract
AI and new digital technologies will continue to shift the cybersecurity landscape in 2026. This session explores how modern tools can enhance detection, response, and decision making while introducing new risks tied to generative systems, data integrity, and fast moving threat innovation. Leaders will gain a clear view of how to adopt emerging technology in a responsible and strategic way that supports resilience and aligns with enterprise risk goals.

Key Takeaways
• How AI and emerging tech are reshaping core security functions
• The new risks created by generative models and evolving attack techniques
• Practical governance steps that support responsible AI use
• Examples of organizations pairing innovation with disciplined risk management

12:00-12:20
Presentation with Dr. Rhonda Farrell, Founder, Cyber & STEAM Global Innovation Alliance: Resilience, Risk, and Results: Building a Cyber Workforce That Secures Business Outcomes in the Age of AI and OT

As cyber risk becomes business risk, organizations are being forced to rethink not just their technology, but their talent strategy. 

The convergence of AI-driven threats, operational technology (OT) exposure, and expanding digital ecosystems is outpacing the ability of traditional cybersecurity teams to respond. At the same time, a global shortage of nearly 4.8 million cybersecurity professionals continues to widen, leaving organizations increasingly exposed  

This session challenges leaders to move beyond hiring models and toward pipeline engineering, aligning workforce strategy directly to resilience, risk reduction, and measurable business outcomes. 

Attendees will explore how to: 

  • Align cybersecurity talent strategy with enterprise risk priorities and operational resilience  

  • Build future-ready workforce pipelines across AI, OT, and cyber-physical systems  

  • Shift from reactive staffing models to scalable, capability-based workforce design  

  • Translate workforce investments into business performance, not just security posture  

Dr. Rhonda Farrell
Dr. Rhonda Farrell
Founder
Cyber & STEAM Global Innovation Alliance
12:20-12:40
Halcyon Presentation: Ransomware Kills. It's Time to Call It Terrorism

Ransomware is still widely framed as a criminal nuisance — an IT problem to be managed with better tools, faster detection, and stronger compliance. That framing is no longer just outdated. It is costing lives. When ransomware takes down a hospital's electronic health records, patients are diverted from emergency care. When it disrupts a 911 dispatch center, help doesn't arrive. When it shuts down water treatment or power grids, entire communities face existential risk. These are not inconveniences. These are acts of violence — deliberate, targeted, and inflicted on the most vulnerable among us. The fact that the weapon is code does not make the harm any less real. Today's most destructive ransomware operations are not opportunistic. They are organized, well-resourced campaigns that deliberately target systemically important critical infrastructure — hospitals, emergency services, water systems, and energy grids — with full knowledge that human lives hang in the balance. These actors understand exactly what they are doing. They are not stealing data. They are holding lives hostage. This keynote argues that the criminal framework we apply to ransomware is catastrophically mismatched to the threat. When an attack is designed to coerce societies by threatening civilian safety, when it targets the systems people depend on to survive, and when it is carried out with strategic intent — that is not cybercrime. That is terrorism. And our legal designations, our policy responses, and our collective posture must reflect that reality. The session will examine how advances in AI, identity-based attacks, and third-party ecosystem exposure are accelerating attacker capabilities and expanding blast radius across interconnected critical systems. It will make the case that detection, compliance, and post-incident recovery — while necessary — are insufficient responses to acts of violence. Resilience matters. But so does accountability. Most importantly, this keynote is a call to action. Reclassifying the most destructive ransomware actors as terrorists is not a radical idea — it is a moral and strategic imperative. Achieving it requires a coalition: security leaders, policymakers, legal scholars, healthcare executives, and infrastructure operators who are willing to say, publicly and persistently, that this line has been crossed. Attendees will leave with a clear understanding of why the current model is failing, what a terrorism designation would actually mean in practice, and — most importantly — how they can join a growing movement to demand that our laws, our institutions, and our society treat attacks on human life with the gravity they deserve. The worst ransomware actors are not hackers. They are violent actors hiding behind keyboards. It's time we treated them that way. Join us.

Meredith Burkhardt
Meredith Burkhardt
Senior Director for Government Affairs and Public Policy
Halcyon
12:40-1:40
Lunch
1:40-2:10
Panel 2: Securing the Extended Ecosystem: Supply Chains, Vendors, and Identities

Abstract:
As organizations expand their digital ecosystems, risks extend far beyond internal networks. Threat actors are increasingly exploiting supply chains, third-party vendors, and identity gaps to gain access. This session brings together cybersecurity leaders and solution providers to explore how these interwoven risks create a complex attack surface -and how technology can help mitigate them.

Panelists will share real-world examples, lessons from managing large vendor networks, and innovative tools and frameworks for continuous risk assessment. Discussions will highlight strategies for mapping hidden dependencies, enforcing strong identity governance, and strengthening resilience through automation, collaboration, and transparency. Attendees will gain actionable insights on reducing exposure, improving third-party risk visibility, and leveraging technology to secure their extended digital ecosystem.

Key Takeaways:
• Understand how supply chains, vendors, and identities amplify organizational risk.
• Explore practical methods and tools for assessing, monitoring, and mitigating third-party and ecosystem vulnerabilities.
• Learn how to treat identity as a security perimeter using zero trust, access governance, and automated solutions.
• Gain insights from real-world breaches that reveal common gaps in vendor and identity controls.
• Walk away with a technology-informed framework to enhance resilience, secure partnerships, and reduce exposure across your digital ecosystem.

Scott Algeier
Scott Algeier
Executive Director
IT-ISAC
2:40-3:00
Presentation with Scott Algeier, Executive Director, IT-ISAC: Inside the IT Sector Cyber Threat Landscape: Key Findings from 2025 and Beyond

The cyber threat landscape continues to evolve rapidly, with the IT sector regularly targeted as a gateway to impact broader supply chains. Drawing on insights from the Information Technology - Information Sharing and Analysis Center (IT-ISAC) updated annual cyber threat report, this session will provide a concise overview of the sector’s top threats of 2025. Highlights include an overview of the actors most aggressively targeting IT companies and a rundown of the tactics, techniques, and procedures most commonly used by these adversaries, as well as a more specific look at ransomware groups and their impact on the sector.

The presentation will also explore what lies ahead in 2026 as advances in technology, especially artificial intelligence, enable faster, more scalable cyberattacks. Attendees will leave with a clear understanding of the evolving IT threat landscape, and actionable insights to help their teams strengthen resilience and reduce risk across their own organizations and associated supply chains.

Scott Algeier
Scott Algeier
Executive Director
IT-ISAC
2:40-3:00
Presentation with Chris Zannetos, Founder, STEMatch: Accessing an untapped, job-ready, cost-effective cybersecurity talent pool

The chronic shortage of effective cybersecurity talent is a critical national security, as well as economic and company competitiveness issue. And unlike in other tech segments, AI advancements are likely to increase the number of cybersecurity openings with AI governance, administration of embedded AI cybersecurity capabilities, and AI-empower hacking creating more jobs than automation will eliminate.

There is a segment of our population - in fact, a majority of our fellow Americans - who have no path to cybersecurity jobs even though they may have the requisite, fundamental aptitude. This session explores an experiment by cybersecurity software/service providers, and "end user companies" with significant cybersecurity operations to determine how they might be able to tap this job-ready talent pool - and the program that is scaling the solution across the country.

Chris Zannetos
Chris Zannetos
Founder
STEMatch
3:30-4:00
Panel 3: The Power of Diversity in Cybersecurity: Building Smarter, Stronger Teams

Abstract:
Cybersecurity challenges are complex, and solving them requires teams with diverse perspectives, skills, and experiences. This panel explores how diversity drives better problem-solving, innovation, and threat detection in security organizations.

Panelists will share strategies for attracting and retaining talent from varied backgrounds, leveraging unique thinking styles, and applying different experiences to uncover blind spots in risk management. Attendees will gain actionable insights for building teams that are not only technically skilled but more adaptive, creative, and resilient in the face of evolving cyber threats.

Key Takeaways:

  • Understand how diversity strengthens problem-solving, innovation, and threat response.
  • Learn approaches to recruit and retain talent from non-traditional backgrounds.
  • Explore how different perspectives and thinking styles reveal hidden risks.
  • Gain strategies to create teams that are adaptable, collaborative, and resilient.
  • Walk away with practical ideas for integrating diversity into cybersecurity team design and strategy.
4:20-4:30
Innovation Spotlight - Sublime
4:40-5:00
Closing Keynote Presentation with Gregory S. Smith, CISO, Frederick County, MD Government: A New Approach for GenAI and Data Loss Risk Protection

When generative AI (GenAI) hit the consumer market with the release of OpenAI’s ChatGPT, users worldwide flocked to the product and started experimenting with the tool’s capabilities across industries. The release also sent an instant panic through the hearts of information security professionals, whose job it is to protect organizations from risks including the loss or theft of sensitive data — including personally identifiable information (PII), protected health information (PHI) and sensitive corporate data and intellectual property. In addition to data loss, publicly available GenAI solutions have risks including model poisoning, prompt injection, bias, data poising, and maliciously generated code. This session will explore 2 options for securing GenAI solutions, while protecting against the egress of sensitive data from your organization.

Gregory S. Smith
Gregory S. Smith
CISO
Frederick County, MD Government
5:00-6:00
Networking Reception

Speakers

Our speakers bring unmatched expertise and real-world experience in cybersecurity, risk management, and business strategy. Through engaging keynotes, panels, and discussions, they deliver actionable insights and practical solutions that help CISOs and security leaders stay ahead of evolving threats.

Scott Algeier
Scott Algeier
Executive Director
IT-ISAC
Meredith Burkhardt
Meredith Burkhardt
Senior Director for Government Affairs and Public Policy
Halcyon
Matt Castriotta
Matt Castriotta
Field CTO, Cloud
Rubrik
Dr. Rhonda Farrell
Dr. Rhonda Farrell
Founder
Cyber & STEAM Global Innovation Alliance
Rick Howard
Rick Howard
CEO and Cofounder
The Cybercanon Project
Greyson Shambaugh
Greyson Shambaugh
Competitive Intelligence Representative
Huntress
Gregory S. Smith
Gregory S. Smith
CISO
Frederick County, MD Government
Chris Zannetos
Chris Zannetos
Founder
STEMatch
To speak at an upcoming summit, please fill out the Speaker Request form. »

Sponsors

The Official Cybersecurity Summit connects innovative solution providers with the cybersecurity leaders who evaluate and influence purchasing decisions. With a dynamic exhibition hall and a packed agenda of interactive panels and engaging sessions, this event offers unmatched opportunities to showcase solutions and build meaningful connections.

To sponsor at an upcoming summit, please fill out the Sponsor form. »

Partners

The Cybersecurity Summit is proud to partner with some of the industry’s most respected organizations in technology, information security, and business leadership.

If your organization is interested in partnering with The Cybersecurity Summit, please fill out the Partnership Form »

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.

Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.

Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.

Please note these qualifications pertain to all attendees, including members of our partner organizations.